We are extremely happy to announce that BrainCert has successfully completed the stringent evaluation procedure for ISO certification and is now an ISO 27001:2013 Certified company. ISO 27001 is an internationally renowned and accepted standard for Information security setting out a framework for implementing, operating, monitoring, reviewing and improving an Information Security Management System.
Since our inception in 2013, we’ve kept data privacy & information security at the heart of everything the company does and made compliance with security standards and regulations a high priority. By implementing ISO/IEC 27001:2013 standards, BrainCert looks forward to proactively identifying, controlling & eliminating any potential security risk.
What Does It Mean to Be ISO 27001:2013 Certified?
ISO 27001 is the gold standard when it comes to information security. The standard was first published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005 and was later revised in 2013. It sets out guidelines & best practices to effectively store & manage data.
Being an ISO 27001:2013 certified company means that BrainCert has a fully operational information management system in place that is in compliance with the best practices recommended by ISO & IEC for information & data security.
In short, ISO 27001 gives our customers the following guarantees:
1. Data is safe in transit or at rest
The ISO 27001 compliant Information Security Management System (ISMS) at BrainCert ensures that your data is safe while in transit or at rest, irrespective of whether the data is digital, paper-based, or in the Cloud.
2. Data is secured against cyber attacks
Because of the foolproof security systems that are in place, we can ensure our users maximum protection against cyber-attacks & data breaches.
3. We are fully capable of responding to evolving security threats
Due to the stringent risk management standards we meet, we can assure you that BrainCert is fully capable of responding to evolving security standards.
What is the process behind being awarded the ISO 27001 Certificate?
Any ISO certification requires a certification body to conduct an external audit of the Information Security Management System (ISMS) that is in place. The external auditors will thoroughly inspect the practices, policies, and procedures that are in place in an organization to assess whether its ISMS meets the requirements of the Standard.
At BrainCert, we began preparing for the process almost eight months ago by reviewing our systems & internal processes, identifying the flaws in our systems, and introducing new security systems & the right security policies and procedures.
The final stage included an extensive audit conducted by an external certification agency that thoroughly checked all elements of our security systems.
Why did we choose to complete the ISO 27001 certification?
Here at BrainCert, security & data privacy are always at the centre of everything that we do. We have always remained compliant with the various SaaS compliance standards including GDPR, HIPAA, and SOC2.
Because we collaborate with multi-faceted clients from across the globe, we wanted to ensure that no stone was left unturned when it comes to security & data privacy. ISO 27001 is a standard that uses a top-down, risk-based approach to evaluation, and every team in the company came together to get this job done, including IT, Engineering, Infrastructure, Sales and the entire customer success staff.